NetZero is a free internet service provider which requires its users to run the application ZeroPort in order to log onto the network. The username and password are stored locally in a text file called id.dat and are inadequately encrypted. The weakly encrypted username and password may also be stored in jnetz.prop if the option "Save Password" is enabled.

If a malicious user has access to the aforementioned files, they may decrypt the username and password using the exploit provided by Brian Carrier <bcarrier@atstake.com> or by using a simple substitution cipher.

Taken from the @Stake/L0pht advisory, Brian Carrier explains how to decrypt the username and password:

The classical substitution cipher is a 1-to-1 mapping between characters where each plaintext character is replaced by one ciphertext character. For example, let P_i be the plaintext character in location 'i' and C_j be the ciphertext character in location 'j', then C_i is the character that P_i maps to.

The NetZero substitution cipher replaces each plaintext character by two ciphertext characters, but the two ciphertext characters are not stored together. When substituting character P_i of a password of length 'n', the first ciphertext character is C_i and the second character is C_(n+i).
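
The layout described above, as an added example that is not part of the advisory or of ZeroPort: it shows why a keyless, fixed substitution with split halves is obfuscation rather than encryption. The table `TOY_TABLE` is constructed for illustration and is not NetZero's real mapping; all function names are hypothetical.

```python
import string
from collections import defaultdict

# Constructed toy table, NOT NetZero's real mapping: every plaintext character
# maps to one fixed pair of ciphertext characters. No key is involved.
ALPHABET = string.ascii_lowercase + string.digits
TOY_TABLE = {ch: (ALPHABET[(7 * i + 3) % 36], ALPHABET[(11 * i + 5) % 36])
             for i, ch in enumerate(ALPHABET)}
INVERSE = {pair: ch for ch, pair in TOY_TABLE.items()}

def encode(plaintext):
    """Store C_i for every character first, then C_(n+i) for every character."""
    firsts = [TOY_TABLE[ch][0] for ch in plaintext]
    seconds = [TOY_TABLE[ch][1] for ch in plaintext]
    return "".join(firsts + seconds)

def split_pairs(ciphertext):
    """Re-join the two halves: position i pairs with position n+i (0-based)."""
    if len(ciphertext) % 2:
        raise ValueError("ciphertext length must be 2n")
    n = len(ciphertext) // 2
    return [(ciphertext[i], ciphertext[n + i]) for i in range(n)]

def decode(ciphertext):
    """Anyone holding the fixed table can invert the stored value."""
    return "".join(INVERSE[pair] for pair in split_pairs(ciphertext))

def repeated_positions(ciphertext):
    """Without any table: which plaintext positions hold the same character."""
    groups = defaultdict(list)
    for i, pair in enumerate(split_pairs(ciphertext)):
        groups[pair].append(i)
    return [idx for idx in groups.values() if len(idx) > 1]

if __name__ == "__main__":
    stored = encode("pass12")  # constructed sample password
    print(stored, len(stored) // 2, repeated_positions(stored), decode(stored))
```

The stored value is always twice the password length and repeats wherever the password does, so the file leaks structure even before the table is known; a stored credential needs a real key held outside the file, or should not be stored at all.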